Digital rights management

ABSTRACT

A digital rights management system employs digital watermarks to enable users to sample public versions of music, movies and other content, and access private versions of that content whose use is controlled through encryption and associated content usage rules. In a system designed for personal computers, the system includes a digital watermark detector that operates within the operating system to intercept content signals from a device driver. The detector extracts the digital watermarks from the content signals to identify them as public or private content. The public content enables a user to sample the content. The watermark in the public content provides a mechanism for locating the private content and associated decryption key and usage rules governing playback of the private content.

RELATED FILES

[0001] This application is related to cofiled, copending and coassigned applications entitled “SYSTEMS AND METHODS FOR INTERCEPTING MEDIA DATA, INCLUDING WAVEFORM DATA”, Ser. No. ______, [Attorney Docket 1064.020US1], which is hereby incorporated by reference herein for all purposes.

GOVERNMENT RIGHTS STATEMENT

[0002] The inventions detailed in application Ser. Nos. 08/918,125, 08/921,931, and 08/918,126 were made with government support by AFOSR under grant AF/F49620-94-1-0461, NSF under grant NSF/INT-9406954 and ARPA GRANT No. AF/F46920-93-1-0558. The Government has certain rights in those inventions.

FIELD

[0003] The present invention relates generally to computer software, and more particularly to digital rights management systems and methods.

COPYRIGHT NOTICE/PERMISSION

[0004] A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure as it appears in the Patent and Trademark Office patent file or records, but otherwise reserves all copyright rights whatsoever. The following notice applies to the software and data as described below and in the drawings hereto: Copyright @ 2001, Cognicity, Inc. All Rights Reserved.

[0005]FIG. 1 is a block diagram of the hardware and operating environment in which different embodiments of the invention can be practiced; and

[0006]FIG. 2 is a diagram illustrating a system level overview of an exemplary embodiment of the invention.

DETAILED DESCRIPTION

[0007] The present invention describes systems, clients, servers, methods, and computer-readable media of varying scope. In the following detailed description of exemplary embodiments of the invention, reference is made to the accompanying drawings that form a part hereof, and in which is shown by way of illustration specific exemplary embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention, and it is to be understood that other embodiments may be utilized and that logical, mechanical, electrical and other changes may be made without departing from the scope of the present invention. The following detailed description is, therefore, not to be taken in a limiting sense.

[0008] In the Figures, the same reference number is used throughout to refer to an identical component which appears in multiple Figures. Signals and connections may be referred to by the same reference number or label, and the actual meaning will be clear from its use in the context of the description.

[0009] The detailed description is divided into multiple sections. In the first section the hardware and operating environment of different embodiments of the invention is described. In the second section, the software environment of varying embodiments of the invention is described. In the final section, a conclusion is provided.

Hardware and Operating Environment

[0010]FIG. 1 is a diagram of the hardware and operating environment in conjunction with which embodiments of the invention may be practiced. The description of FIG. 1 is intended to provide a brief, general description of suitable computer hardware and a suitable computing environment in conjunction with which the invention may be implemented. Although not required, the invention is described in the general context of computer-executable instructions, such as program modules, being executed by a computer, such as a personal computer or a server computer. Generally, program modules include routines, programs, objects, components, data structures, etc., that perform particular tasks or implement particular abstract data types.

[0011] Moreover, those skilled in the art will appreciate that the invention may be practiced with other computer system configurations, including hand-held devices, multiprocessor systems, microprocessor-based or programmable consumer electronics, network PCs, minicomputers, mainframe computers, and the like. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.

[0012] As shown in FIG. 1, the computing system 100 includes a processor. The invention can be implemented on computers based upon microprocessors such as the PENTIUM® family of microprocessors manufactured by the Intel Corporation, the MIPS® family of microprocessors from the Silicon Graphics Corporation, the POWERPC® family of microprocessors from both the Motorola Corporation and the IBM Corporation, the PRECISION ARCHITECTURE® family of microprocessors from the Hewlett-Packard Company, the SPARC® family of microprocessors from the Sun Microsystems Corporation, or the ALPHA® family of microprocessors from the Compaq Computer Corporation. Computing system 100 represents any personal computer, laptop, server, or even a battery-powered, pocket-sized, mobile computer known as a hand-held PC.

[0013] The computing system 100 includes system memory 113 (including read-only memory (ROM) 114 and random access memory (RAM) 115), which is connected to the processor 112 by a system data/address bus 116. ROM 114 represents any device that is primarily read-only including electrically erasable programmable read-only memory (EEPROM), flash memory, etc. RAM 115 represents any random access memory such as Synchronous Dynamic Random Access Memory.

[0014] Within the computing system 100, input/output bus 118 is connected to the data/address bus 116 via bus controller 119. In one embodiment, input/output bus 118 is implemented as a standard Peripheral Component Interconnect (PCI) bus. The bus controller 119 examines all signals from the processor 112 to route the signals to the appropriate bus. Signals between the processor 112 and the system memory 113 are merely passed through the bus controller 119. However, signals from the processor 112 intended for devices other than system memory 113 are routed onto the input/output bus 118.

[0015] Various devices are connected to the input/output bus 118 including hard disk drive 120, floppy drive 121 that is used to read floppy disk 151, and optical drive 122, such as a CD-ROM or DVD-ROM drive that is used to read an optical disk 152. The video display 124 or other kind of display device is connected to the input/output bus 118 via a video adapter 125.

[0016] A user enters commands and information into the computing system 100 by using a keyboard 40 and/or pointing device, such as a mouse 42, which are connected to bus 118 via input/output ports 128. Other types of pointing devices (not shown in FIG. 1) include track pads, track balls, joy sticks, data gloves, head trackers, and other devices suitable for positioning a cursor on the video display 124.

[0017] As shown in FIG. 1, the computing system 100 also includes a modem 129. Although illustrated in FIG. 1 as external to the computing system 100, those of ordinary skill in the art will quickly recognize that the modem 129 may also be internal to the computing system 100. The modem 129 is typically used to communicate over wide area networks (not shown), such as the global Internet. The computing system may also contain a network interface card 53, as is known in the art, for communication over a network.

[0018] Software applications 136 and data are typically stored via one of the memory storage devices, which may include the hard disk 120, floppy disk 151, CD-ROM/DVD-ROM 152 and are copied to RAM 115 for execution. In one embodiment, however, software applications 136 are stored in ROM 114 and are copied to RAM 115 for execution or are executed directly from ROM 114.

[0019] In general, the operating system 135 executes software applications 136 and carries out instructions issued by the user. For example, when the user wants to load a software application 136, the operating system 135 interprets the instruction and causes the processor 112 to load software application 136 into RAM 115 from either the hard disk 120 or the optical disk 152. Once software application 136 is loaded into the RAM 115, it can be used by the processor 112. In case of large software applications 136, processor 112 loads various portions of program modules into RAM 115 as needed.

[0020] The Basic Input/Output System (BIOS) 117 for the computing system 100 is stored in ROM 114 and is loaded into RAM 115 upon booting. Those skilled in the art will recognize that the BIOS 117 is a set of basic executable routines that have conventionally helped to transfer information between the computing resources within the computing system 100. These low-level service routines are used by operating system 135 or other software applications 136.

[0021] In one embodiment computing system 100 includes a registry (not shown) which is a system database that holds configuration information for computing system 100. For example, Windows® 95, Windows 98®, Windows® NT, Windows 2000® and Windows Me® by Microsoft maintain the registry in two hidden files, called USER.DAT and SYSTEM.DAT, located on a permanent storage device such as an internal disk.

Software Environment

[0022] The embodiments of the invention describe a software environment of systems and methods that provide for interception of media data. FIG. 2 is a block diagram describing the major components of a media interception system 200 according to an embodiment of the invention. In one embodiment, media interception system includes a media player/recorder application 202, media SDK (Software Development Kit) 206, media device driver 208 and interception layer software 204.

[0023] Media player/recorder application 202 is an application that can playback and/or record audio, video or other multimedia data using hardware on a computer system, such as computer 100 (FIG. 1). Examples of such applications include the RealPlayer and RealJukebox applications from RealNetworks Inc., the Winamp player from Nullsoft, Inc., and the Windows Media Player application from Microsoft Corp. In general, a media player/recorder application 202 is capable for reading and/or writing at least one type of media data stream 220. An example of a particular media type is the waveform audio type. Waveform audio data can be stored in multiple formats. One popular format is the WAV (Microsoft RIFF format), which stores the audio data in a non-compressed form. Other waveform formats store the data in compressed form. These formats include the Microsoft Windows Audio format (wm, .wma), Real Audio format (.ra), the Sun Audio format (.au) and the MP3 (.mp3) format. These formats are listed as exemplary formats; the invention is not limited to any particular format.

[0024] The media data streams 220 can be stored in a number of ways. For example, the data streams can come from a file that resides on a hard drive, a CD-ROM, or a DVD-ROM. Alternatively, the data streams can reside on a remote system, and can be transferred to the application over a network such as the Internet. The invention is not limited to any particular source for the data stream.

[0025] Some audio systems add an additional encryption layer to the compressed audio data for copyright protection purposes. Despite the fact that the audio data may be encrypted, compressed or even specially processed, the audio data that goes to the media SDK 206 has to be in wave format. It is the application responsibility to convert the compressed/encrypted/processed audio data to regular wave format.

[0026] Media SDK 206 comprises a collection of modules that provide an API (Application Program Interface) that enables software developers to develop applications that play and/or record media data streams, such as audio or video data streams. In one embodiment, the media SDK 206 is a waveform Software Development Kit (SDK) from Microsoft Corporation that enables software applications developers to develop applications that receive waveform input data from audio devices and play the waveform audio data through the output audio device. Software developers can use the waveform SDK to add sound effects to applications and capture the audio input from the microphone, sound card line-in and any audio input device. For both waveform input and waveform output services, the waveform SDK uses the standard wave format to represent the audio data. In some embodiments, this wave format is defined using the WAVEFORMATHDR and WAVEFORMATEX data structures defined by the SDK. Applications 202 can communicate with SDK 204 either by direct function calls to the SDK APIs or through sending messages to the SDK to request the proper operation.

[0027] It should be noted that FIG. 2 has illustrated a single media player/recorder application 202. However, in some embodiments of the invention, media SDK 206 can support playing waveform buffers from a plurality of different instances of an application 202 simultaneously as well as capturing input from the audio in devices. Thus, the invention is not limited to any particular number or type of media player/recorder applications.

[0028] Media device driver 208 provides an interface to control a particular type of media hardware 210. For example, media device driver 208 can be a sound card device driver for controlling input and input for a particular brand of sound card in a computer system.

[0029] Interception layer software 204 intercepts, collects, filters and controls media input and output data. In one embodiment, the interception layer software 204 controls waveform audio data. The interception layer software 204 logically resides between a media player/recorder application 202 and the media SDK 206, and emulates the API calls and message handling of a media SDK. In addition, media SDK 206 can emulate callback functions on behalf of an application 202. Thus, to media player/recorder application 206, the interception layer appears as a media SDK, and to media SDK, the interception software layer appears to be an application. The interception layer software 204 can apply its functions to any media player/recorder application 202. In some embodiments, these media player/recorder applications 202 are capable of running under any or all Microsoft Windows platforms. In one embodiment, the interception layer software 204 collects and controls the waveform input data as it goes from the audio input device before it reaches the application and collects and controls the waveform output data as it goes from the application and before it reaches the audio output device 210 via media SDK 206.

[0030] In some embodiments, particularly those embodiments that operate in a Microsoft Windows environment, the interception software 204 includes a replacement kernel module 214 that can replace a previously existing kernel32.dll. The replacement kernel module 214 provides all the services that the original kernel32.dll exports to other system modules and applications. In addition, replacement kernel module 214 provides additional processing as described below.

[0031] In various embodiments of the invention, the interception software layer 204 must be installed before it will operate. In embodiments that operate on Windows 95, Windows 98 and Windows Me platforms, during the software installation process, a windows-modules-patching component patches the winmm.dll file and changes the reference of the Windows kernel32.dll to refer to the replacement kernel module 214. This type of system file patching forces the Windows applications loader to load the interception layer software 204 in the address space of any application 202 that imports services from winmm.dll.

[0032] In some embodiments, during the loading of any media player/recorder application 202, if the winmm.dll is used by application 202 or any one of its referenced modules, then the Windows platform loads the interception software layer 204, including the replacement kernel module 214 in the address space of the application 202. As mentioned earlier, this is because winmm.dll has been patched to refer to the replacement kernel module 214 instead of the original windows kernel32.dll. Loading the interception layer software 204 by the replacement kernel module 214 ensures that the software 204 will be active in the address space of any application that uses services exported from winmm.dll. This is desirable, because doing so provides optimal system performance, as the software 204 is active only when there is a request for a winmm.dll service.

[0033] In embodiments of the invention that operate on the Windows NT and Windows 2000 platforms, the installation software places standard entries in the Windows registry database that forces the loading of the interception layer software 204 inside the address space of any running media player/recorder application 202.

[0034] Thus in embodiments that operate on Windows NT or Windows 2000, Windows loads the replacement kernel software 214 as it loads a media player/recorder application 202. During the application loading process for a media player/recorder application 202, the new kernel software 214 checks if the winnmm.dll is loaded or not. If it is not loaded, it then activates the interception layer software 204 for this application's address space. Otherwise it stays passive and listens to application requests. If there is a new request for a winmm.dll service, then the software switches back to the active mode. This ensures the best system performance, as the software is active only when there is a request for a winmm.dll service.

[0035] In further alternative embodiments that operate under all Windows platforms, while the replacement kernel software 214 is active, it installs a “Module-Load-Monitor” thread 212 that monitors the loading of any module by the application 202. If the application is loading the winmm.dll or requesting a service from the winmm.dll then the software changes the reference to winmm.dll or the winmm.dll service to call another module provided by the interception layer software 204.

[0036] The replacement kernel module 214 intercepts all the calls and messages that go from the application 202 to the media SDK (e.g. winmm.dll) and dispatches them to interception layer 204. Therefore, the interception layer software 204 module receives all the requests for waveform input and output services. In some embodiments, the interception layer software 204 includes two controllers: the first controller is the Wave-Out Audio Controller that manages the requests for audio output services and the second controller is the Wave-In Audio Controller that manages the requests for audio input services.

[0037] In general, the Wave-Out Audio Controller is capable of doing the following functions:

[0038] collect all the audio data that goes from the application to the windows Wave-Out system.

[0039] collect the audio data of each Wave-Out session in a different buffer

[0040] filter some audio output buffers before being dispatched to the output sound device.

[0041] process the output of the audio data, which includes applying an external audio processor before sending the audio output data to the sound card. For example, the interception layer can provide “mixer” functions or “3D” effects.

[0042] Monitoring listeners' behavior (Wave-Out): the software can detect the start date and time of each Wave-Out session as well as the date and time duration the session has ended. Therefore, it can define exactly how long any song was played by the system.

[0043] Audio filtering: The software can filter the whole Wave-Out/Wave-In session and can filter specific parts of the audio input/output. It can filter the content based on the time duration or as a results of applying any external audio processor.

[0044] Audio recording: The software records the audio input and output waveform data to external files. It saves the data in Windows WAV file format. The software is =capable also of encoding the output waveform data into different types of popular commercial audio file formats. It is well integrated with different sets of CODEC SDKs and can encode the output files to Real Audio format, Windows Audio format and MP3 format. It is prepared to support any file format encoder.

[0045] Deferred audio delivery: For waveform output, the software is capable of collecting the audio data from the application without sending it to the output device. This is done transparently from the application. Therefore, the application continues sending more data and does not stop as it has a fake sense that the output sound device plays the output audio data. For Waveform input, the software is capable of collecting the audio input data from the input device without sending them to the application the moment they are they are received. After then, it can send them to the application as even they have been just received from the input device. This requirement is very important for many audio processors that require processing the audio content as a whole before the application for audio input and before the sound card for audio output.

[0046] In general, the Wave-In Audio Controller is capable of performing the same types of functions provided by the Wave-Out Audio Controller except that it applies it to input audio data.

[0047] This section has described the various software components in a system that provide for the interception of media data, including waveform audio data. As those of skill in the art will appreciate, the software can be written in any of a number of programming languages known in the art, including but not limited to C/C++, Java, Visual Basic, Smalltalk, Pascal, Ada and similar programming languages. The invention is not limited to any particular programming language for implementation.

CONCLUSION

[0048] Systems and methods that provide for the interception of media data streams are disclosed.

[0049] The embodiments of the invention provide numerous advantages over previous systems, and various embodiments include various combinations of the following features:

[0050] Unified audio format: the software collects all the audio input and output data in the standard waveform format regardless of the input audio file format used by the application to store the audio data.

[0051] Session based: The software establishes a separate audio collection session for each waveform audio input and output session performed by the application.

[0052] Application neutral: The software implementation is transparent to the implementations details of the application. It can collect the waveform output data from any Windows applications as long as it uses the Microsoft waveform SDK.

[0053] Application awareness: the software provides separate audio collection sessions for each application. This enables the software to define the application interacts with the waveform SDK for both audio input and output. It enables the software to provide different set of customized audio management features per application.

[0054] Sound driver neutral: the software is independent of the sound driver implementation therefore it works with any sound driver installed in the user windows system.

[0055] User transparent: All the software operations are hidden to the user who can not disable the software operations except by uninstalling the software itself through the software uninstall program.

[0056] Persistent installation: The software provides several techniques to force itself to be always active regardless of any tool that is installed on the system and tries to uninstall or deactivate the software.

[0057] Consistent functionality over any Windows 32 platform whether it is Windows NT or Windows 95 based platform.

[0058] Upward compatibility for windows operating systems.

[0059] Hidden from the user and the user has no control over it.

[0060] Safety and Robustness: The software component that does not conflict with other system monitoring tools. Additonally, the interception software does not affect any other application running in the system outside the address space of the audio player.

[0061] In addition to the aspects described above, Appendix A provides a description of an embodiment of the invention that includes components described above to provide a digital rights management system.

[0062] Furthermore, Appendix B provides details of an alternative digital rights management system according to an embodiment of the invention.

[0063] The discussion provided in Appendix A and Appendix B refers to watermarking. While any general file watermarking can be adapted to the present invention, specific methods of watermarking are described in the following patents and patent applications, all of which are hereby incorporated by reference herein for all purposes. Attorney Docket Ser. No. Filed Title Status 600.415US1 08/918,122 Aug. 27, 1997 Method and Apparatus for Issued: Feb. 29, 2000 Embedding Data, Including U.S. Pat. No. 6,031,914 Watermarks, in Human Perceptible Images 600.416US1 08/918,891 Aug. 27, 1997 Method and Apparatus for Issued: May 9,2000 Embedding Data, Including U.S. Pat. No. 6,061,793 Watermarks, in Human Perceptible Sounds 600.417US1 08/918,125 Aug. 27, 1997 Method and Apparatus for Video Watermarking 600.418US1 08/921,931 Aug. 27, 1997 Method and Apparatus for Scene- Based Video Watermarking 600.419US1 08/918,126 Aug. 27, 1997 Digital Watermarking to Resolve Multiple Claims of Ownership 1064.001US1 09/228,224 Jan. 11, 1999 Multimedia Data Embedding 1064.002US1 09/481,758 Jan. 11, 2000 Transaction Watermarking 1064.003US1 09/480,391 Jan. 11, 2000 Degradation Watermarking 1064.004US1 09/585,102 May 31, 2000 Persistent Linking Via Watermarking 1064.022US1 09/573,119 May 16, 2000 Systems And Methods For Authorized Playback And Tracking Of Multimedia Content Over Networks

[0064] Although specific embodiments have been illustrated and described herein, it will be appreciated by those of ordinary skill in the art that any arrangement which is calculated to achieve the same purpose may be substituted for the specific embodiments shown. This application is intended to cover any adaptations or variations of the present invention.

[0065] The terminology used in this application is meant to include all of these environments. It is to be understood that the above description is intended to be illustrative, and not restrictive. Many other embodiments will be apparent to those of skill in the art upon reviewing the above description and the attached appendices. 

We claim:
 1. A method for management of media content comprising: intercepting an unencrypted media signal from a source to an application program; decoding a digital watermark from the unencrypted media signal; based on the digital watermark in the unencrypted media signal, using the digital watermark to locate an encrypted version of the media signal, wherein the unencrypted media signal enables a user to sample the media signal and provides a digital watermark to access the encrypted version of the media signal.
 2. A method of embedding a digital watermark into a host media signal comprising: perceptually adapting the digital watermark with a human perceptual model computed in the frequency domain, and computed in the non-frequency domain of the host media signal; and embedding the perceptually adapted digital watermark in the host media signal.
 3. The method of claim 2 wherein the non-frequency domain comprises the time domain and the host media signal comprises an audio signal.
 4. A method of detecting a digital watermark embedded in a host signal comprising: receiving the host signal including a media signal and a digital watermark that has been perceptually adapted to the media signal in frequency and non-frequency domains; processing the host signal with a representation of the digital watermark to compute a measure of the digital watermark; and based on the measure of the digital watermark, extracting the digital watermark from the host media signal.
 5. The method of claim 4 wherein the representation of the digital watermark is derived from the host signal.
 6. The method of claim 5 wherein the representation of the digital watermark is derived from the host signal using a perceptual model.
 7. The method of claim 4 wherein the host signal has autocorrelation properties that enable synchronization of the digital watermark despite temporal or geometric distortion of the host signal.
 8. A method of digital watermarking a media signal comprising: deriving a first key that is a function of the media signal; generating a digital watermark signal that is a function of the first key and a second key that is not dependent on the media signal; embedding the digital watermark in the media signal.
 9. A method of detecting a digital watermark in a host signal comprising: obtaining a first key that is a function of the host signal; generating a representation of a digital watermark from the first key and a second key that is not dependent on the host signal; and processing the host signal with the representation of the digital watermark to extract the digital watermark from the host signal. 